diff --git a/code/model/MultiForm.php b/code/model/MultiForm.php index b3ee72b..8a3978a 100644 --- a/code/model/MultiForm.php +++ b/code/model/MultiForm.php @@ -54,6 +54,7 @@ abstract class MultiForm extends Form { * @var string */ private static $get_var = 'MultiFormSessionID'; + /** * These fields are ignored when saving the raw form data into session. * This ensures only field data is saved, and nothing else that's useless @@ -205,9 +206,15 @@ abstract class MultiForm extends Form { // Determine whether we use the current step, or create one if it doesn't exist $currentStep = null; - if(isset($_GET['StepID'])) { - $stepID = (int)$_GET['StepID']; - $currentStep = DataObject::get_one('MultiFormStep', "\"SessionID\" = {$this->session->ID} AND \"ID\" = {$stepID}"); + $StepID = $this->controller->request->getVar('StepID'); + if(isset($StepID)) { + $currentStep = DataObject::get_one( + 'MultiFormStep', + array( + 'SessionID' => $this->session->ID, + 'ID' => $StepID + ) + ); } elseif($this->session->CurrentStepID) { $currentStep = $this->session->CurrentStep(); }